Lyoness Cashback AG

Publisher Information

Lyoness Cashback AG is a software developer located in Graz, Styria in Austria*. A majority of the programs developed by the company can be classified as adware or other potentially unwanted programs.
Remove Lyoness Cashback AG Malware - Powered by Reason Core Security
Authority:
GlobalSign nv-sa

Valid from:
10/21/2013 6:07:04 PM

Valid to:
10/21/2016 6:07:04 PM

Subject:
E=domainadmin@lyoness.ag, CN=Lyoness Cashback AG, O=Lyoness Cashback AG, L=Graz, S=Styria, C=AT

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121966e6f40865e27da6418f77da28077d3

Scanner detections:
Detections  (94% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.LyonessCashbackAG (M), Common.PartOf.PUP.LyonessCashbackAG (M), PUP.LyonessCashbackAG.Installer (M), Plugin.Besttoolbars.BHO.K, Win32.Generic.LyonessCashbackAG.Meta, Win64.Generic.LyonessCashbackAG.Meta, PUP.Besttoolbars.LyonessCashbackAG (M)
100.00%

VIPRE Antivirus
Threat.4796038, Besttoolbars
16.00%

ESET NOD32
Win32/Toolbar.Besttoolbars (variant), Win64/Toolbar.Besttoolbars (variant), Win32/Toolbar.Besttoolbars.G potentially unwanted (variant)
8.00%

McAfee
Artemis!73977B6EFAC7, Artemis!72C4F907CE05, Artemis!552117B7738D
6.00%

Agnitum Outpost
PUA.Toolbar.Agent, PUA.Toolbar.Besttoolbars
6.00%

Dr.Web
Adware.BGuard.117, Adware.Plugin.349
6.00%

McAfee Web Gateway
Artemis, Artemis!72C4F907CE05
6.00%

Fortinet FortiGate
Riskware/Agent, Riskware/Besttoolbars, Adware/Besttoolbars
6.00%

Trend Micro House Call
Suspicious_GEN.F47V0708, Suspicious_GEN.F47V1107
6.00%

ESET NOD32
Win32/Toolbar.Besttoolbars.J potentially unwanted application
4.00%

1 / 68      (PUP)

1 / 68      (PUP)
nplion.dll (npLyoness plugin by Engauge Marketing)  (7fd69ce8bc227bab1cae048c9958e311)

2 / 68      (Adware)
buttonsite64.dll (Add-ons Framework)  (5b1485c951c364c2512f763f060166df)

2 / 68      (Adware)
ButtonSite.dll (Add-ons Framework)  (cd57cf4265eb9638fa6dff41a52f5766)

7 / 68      (Adware)
backgroundhost64.exe (Add-ons Framework)  (55f0e82f488dc5d3d99dc88dd115e9fc)

8 / 68      (Adware)
BackgroundHost.exe (Add-ons Framework)  (552117b7738dd63b130183894877b660)

1 / 68      (PUP)

1 / 68      (PUP)

5 / 68      (Adware)

8 / 68      (Adware)

20 / 68    (Adware)
ScriptHost.dll (Add-ons Framework by Lyoness Cashback AG)  (73977b6efac7281f8c1f5aaf573335f0)

1 / 68      (PUP)
pepflashplayer.dll (Shockwave Flash by Adobe Systems)  (852d470057ee0c630d4786b8d4c06730)

1 / 68      (PUP)

1 / 68      (PUP)
nacl64.exe (Lyoness Browser by Lyoness Cashback AG)  (e9a92c2098812943e359abb0a7ed30cc)

1 / 68      (PUP)
metro_driver.dll (Lyoness Browser by Lyoness Cashback AG)  (469b91268815fa9ae4c0dad2369600d9)

1 / 68      (PUP)
libexif.dll  (7a31e72eff0789dad4d6ce8339c023f8)

1 / 68      (PUP)
ffmpegsumo.dll (Lyoness Browser by Lyoness Cashback AG)  (a61d43bcf6b7844eba3008f818ce4c13)

1 / 68      (PUP)

1 / 68      (PUP)

1 / 68      (PUP)
chrome_elf.dll (Lyoness Browser by Lyoness Cashback AG)  (7a5020cd7a17217e466f13b7e7021c52)

1 / 68      (PUP)
lyonessbrowsersetupempty.exe  (00db8e7435d66fe876cc895c0738fcd2)

1 / 68      (Adware)
buttonsite64.dll (Add-ons Framework)  (7c902d868b6761cbf53b124cc54e4dc3)

1 / 68      (Adware)
ButtonSite.dll (Add-ons Framework)  (f9b5b68220c3f47a2ef911b2a0f3de1b)

1 / 68      (Adware)
backgroundhost64.exe (Add-ons Framework)  (84fd506c2a85221ae6e298962675efed)

1 / 68      (Adware)
BackgroundHost.exe (Add-ons Framework)  (5e15b7c9204259ac884bc16254dfc9cf)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (PUP)
tmp00153125 (Lyoness Browser by Lyoness Cashback AG)  (b8af2c5aefe96309880d0e0524960cb1)

1 / 68      (PUP)
tmp00153076 (Lyoness Browser by Lyoness Cashback AG)  (dfb9ac2f961820a771806ebf9b6a5f1d)

1 / 68      (PUP)
chrome.exe (Lyoness Browser by Lyoness Cashback AG)  (f9cd42be303d6353d2df5db5b2f5013b)

 
Latest 30 of 70 files

Downloads URLs for files signed by Lyoness Cashback AG.

1 / 68      (PUP)
http://cdnlarge.lyoness.net/.../LyonessBrowserSetup.exe  (445e235382605592098f16aaa965c353)

Remove Lyoness Cashback AG Malware - Powered by Reason Core Security
* Note, the details and description above are based on the code signing digital signature issued to Lyoness Cashback AG by GlobalSign nv-sa on October 21, 2013 with the serial number '1121966e6f40865e27da6418f77da28077d3'.